First, set three elements: users, groups, roles.
Users are logged in and correspond to people. The group corresponds to the collection of users, is a special user. The role is a collection of sets of weights, and the user (group) has its own role.
The implementation of the permissions is implemented by the Permission class and the Rule class.
Permission is for external calls, Rule is an interface for permission judgment rules.
Permission is an abstract class with the following method
Public Boolean Haspermission (User, Hashmap OldData, Input Input);
Public String getPermissionname ();
Public abstract rule [] getDenyrule ();
Public abstract rule [] getacceptrule ();
Haspermission method For external calls, implemented, implementation is first based on the rules obtained by getDenyrule (), determined whether or not it is blocked, and then determines if there is permission according to getAcceptrule.
The capture of the RULE interface is defined by the user, with a package with an implementation of Rule, the implementation is as follows:
Look for all roles of the user, then determine if the role has permissions, if there is no right to find its parent group, then the role of the parent group is determined whether there is permission, if no permission is limited, then the top group Until the top order or no authority is determined to have no permissions.
There is three kinds of ways that the privilege of judging the right to determine the rights is already possible.
1. Is there a permission to operate.
2, whether there is a permission to operate.
3. Permissions for operation (sub-operation) when data is a certain condition.
When the program is developed, the first step, writes User, Group, and Role, a set of XML implementation classes have been provided.
Step 2, write a configuration file, perform the configuration of the right.
In the third step, you can call the permission.haspermission method where the permissions must be permissions.
I will post the code by day later.
If you have any other kind of permissions to be judged, please send me an email, I will continue to improve, welcome everyone to mention.
